Netizen Blog and News
The Netizen team sharing expertise, insights and useful information in cybersecurity, compliance, and software assurance.
Category: Threat Intelligence
-
Fortinet has issued a new advisory warning customers that CVE-2020-12812, an improper authentication flaw first disclosed in 2020, is once again being used in real-world attacks. The weakness affects FortiOS SSL VPN under specific configurations and allows users to authenticate without being prompted for a second factor simply by changing the letter case of the…
-
CVE-2025-55182, commonly referred to as React2Shell, is a critical pre-authentication remote code execution (RCE) flaw impacting React Server Components (RSC), Next.js, and related frameworks. The bug sits in the way affected versions parse and trust serialized payloads sent via the Flight protocol. With a CVSS score of 10.0, the vulnerability allows a single HTTP request…
-
Today’s Topics: Cisco AsyncOS Zero-Day Actively Exploited in Targeted Email Gateway Intrusions Cisco has issued an urgent warning regarding an actively exploited, maximum-severity zero-day vulnerability affecting Cisco AsyncOS software used by Cisco Secure Email Gateway (SEG) and Cisco Secure Email and Web Manager appliances. The flaw, tracked as CVE-2025-20393 with a CVSS score of 10.0,…
-
U.S. Customs and Border Protection is moving into a decisive phase of its quantum preparedness program as it approaches 2026. Senior leadership has framed this effort as a necessary response to long-term cryptographic risk rather than a speculative research exercise. The focus centers on protecting sensitive government data against future cryptanalytic breakthroughs tied to large-scale…
-
A rootkit is a class of post-exploitation malware built to preserve long-term, privileged access to a compromised system while actively concealing its presence. Unlike most malware families that prioritize immediate payload execution or data theft, a rootkit exists to subvert visibility itself. It alters how an operating system reports processes, files, memory, network activity, and…
-
Today’s Topics: Featured Browser Extensions Caught Harvesting AI Chat Data at Scale A Chrome browser extension promoted as a trusted, “Featured” tool has been caught quietly collecting AI chat conversations at massive scale, raising serious questions about extension marketplace oversight and user consent in AI-heavy workflows. Urban VPN Proxy, a Chrome extension with roughly six…
-
Microsoft’s December 2025 Patch Tuesday includes fixes for 57 vulnerabilities, including one actively exploited zero-day and two publicly disclosed zero-days. Three of the patched flaws are classified as critical, all tied to remote code execution. Breakdown of Vulnerabilities These totals do not include 15 Microsoft Edge vulnerabilities or Mariner fixes that were released earlier in…
-
Today’s Topics: Detecting React2Shell: What Security Teams Should Be Watching for Right Now Since the disclosure of CVE-2025-55182 on December 3, 2025, most of the attention around React2Shell has centered on patching timelines and framework exposure. That is necessary, but for many environments, detection is the real safety net while fixes are staged, tested, and…
-
A joint investigation revealed North Korea’s Lazarus Group using identity theft to infiltrate Western companies by posing as remote IT workers. Recruiters targeted applicants, while the operators controlled victim laptops remotely. The findings emphasize the growing risk of remote recruitment for companies, stressing the need for strong identity controls and employee vigilance.
-
Organizations often struggle with increasing cybersecurity alert volumes and complex infrastructures. SOC-as-a-Service (SOCaaS) offers efficient monitoring and incident response through a managed service, allowing internal teams to focus on strategic improvements. Providers ensure continuous coverage, fast threat detection, and enhanced readiness, promoting effective incident response and sustainable security practices over time.
Netizen Blog and News 